Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The web server must not be a proxy server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-41694 | SRG-APP-000141-WSR-000076 | SV-54271r2_rule | Medium |
| Description |
|---|
| A web server should be primarily a web server or a proxy server but not both, for the same reasons that other multi-use servers are not recommended. Scanning for web servers that will also proxy requests into an otherwise protected network is a very common attack making the attack anonymous. |
| STIG | Date |
|---|---|
| Web Server Security Requirements Guide | 2014-11-17 |
Details
| Check Text ( C-48091r2_chk ) |
|---|
| Review the web server documentation and deployed configuration to determine if the web server is also a proxy server. If the web server is also acting as a proxy server, this is a finding. |
| Fix Text (F-47153r3_fix) |
|---|
| Uninstall any proxy services, modules, and libraries that are used by the web server to act as a proxy server. Verify all configuration changes are made to assure the web server is no longer acting as a proxy server in any manner. |